SecurityWeek reports that more than 1,000 organizations around the world could be subjected to subdomain hijacking attacks leveraging dangling DNS records.
Dangling DNS records were exploited by Certitude Consulting researchers to take over subdomains owned by over a dozen organizations including government entities in the U.S., Canada, Australia, and the U.K., major U.S. universities, news company CNN, major insurance firm Penn Mutual, and cybersecurity company Netscout.
All organizations whose subdomains were compromised have already been notified, but thousands more are still at risk, with threat actors potentially using the attack technique to facilitate social engineering attacks, malware intrusions, and phishing campaigns, the report noted.
"In most cases, the hijacking of subdomains could be effectively and comprehensively prevented by cloud services through domain ownership verification and not immediately releasing previously used identifiers for registration," said Certitude Consulting cloud security expert Florian Schweitzer, who noted that while Microsoft has addressed such an issue in Azure Storage Accounts, other cloud providers have yet to follow suit.
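An added example, not taken from the SecurityWeek report or from Certitude Consulting: a dangling record is a DNS entry that still points at a cloud identifier the organization no longer holds, so a zone owner can audit for them offline by comparing CNAME targets with an inventory of the cloud resources it currently holds. The zone export, the inventory and the provider suffix list are constructed assumptions.

```python
# Added example: offline audit of a zone export for dangling CNAME records.
# Zone lines, inventory and suffix list are constructed sample data.

# Assumed cloud-provider hostname suffixes under which tenants register identifiers.
CLOUD_SUFFIXES = (".blob.core.windows.net", ".azurewebsites.net", ".s3.amazonaws.com")

ZONE = """\
; constructed sample zone export
www.example.org.      3600 IN A     192.0.2.10
assets.example.org.   3600 IN CNAME exampleassets.blob.core.windows.net.
promo.example.org.    300  IN CNAME Example-Promo2019.azurewebsites.net.
files.example.org.    3600 IN CNAME example-files.s3.amazonaws.com.
docs.example.org.     3600 IN CNAME www.example.org.
"""

# Constructed inventory: cloud hostnames the organization currently holds.
INVENTORY = {"exampleassets.blob.core.windows.net", "example-files.s3.amazonaws.com"}


def norm(name):
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.strip().rstrip(".").lower()


def parse_cnames(zone_text):
    """Yield (owner, target) for each CNAME line of a 'name ttl class type rdata' export."""
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()  # strip comments, then tokenize
        if len(fields) >= 5 and fields[3].upper() == "CNAME":
            yield norm(fields[0]), norm(fields[4])


def find_dangling(zone_text, inventory, suffixes=CLOUD_SUFFIXES):
    """Return CNAMEs that point at a cloud identifier missing from the inventory."""
    owned = {norm(h) for h in inventory}
    return [(owner, target) for owner, target in parse_cnames(zone_text)
            if target.endswith(suffixes) and target not in owned]


if __name__ == "__main__":
    for owner, target in find_dangling(ZONE, INVENTORY):
        print(f"DANGLING: {owner} -> {target} (not in inventory; remove the record)")
```

Records that point inside the zone itself (`docs.example.org`) are ignored; only targets under a provider suffix are compared with the inventory.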